From: Maxime Devos <maximedevos@telenet.be>
To: 55297@debbugs.gnu.org
Cc: Maxime Devos <maximedevos@telenet.be>
Subject: [bug#55297] [PATCH 01/10] search-paths: Define $SSL_CERT_DIR and $SSL_CERT_FILE.
Date: Sat, 7 May 2022 08:37:31 +0000 [thread overview]
Message-ID: <20220507083740.59995-1-maximedevos@telenet.be> (raw)
In-Reply-To: <dd38681508c8f591655f17171d573d448a9982ce.camel@telenet.be>
For the ‘why’, see the docstring next to $SSL_CERT_DIR. In later commits,
packages will be changed to use these variables and the variables will be
added to more packages.
* guix/search-paths.scm ($SSL_CERT_DIR, $SSL_CERT_FILE): New variables.
* doc/guix.texi (Search Paths): Document them.
---
doc/guix.texi | 21 ++++++++++++++++++++-
guix/search-paths.scm | 26 ++++++++++++++++++++++++++
2 files changed, 46 insertions(+), 1 deletion(-)
diff --git a/doc/guix.texi b/doc/guix.texi
index 7369a306f6..25e2429533 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -88,7 +88,7 @@ Copyright @copyright{} 2020 Daniel Brooks@*
Copyright @copyright{} 2020 John Soo@*
Copyright @copyright{} 2020 Jonathan Brielmaier@*
Copyright @copyright{} 2020 Edgar Vincent@*
-Copyright @copyright{} 2021 Maxime Devos@*
+Copyright @copyright{} 2021, 2022 Maxime Devos@*
Copyright @copyright{} 2021 B. Wilson@*
Copyright @copyright{} 2021 Xinglu Chen@*
Copyright @copyright{} 2021 Raghav Gururajan@*
@@ -9830,6 +9830,25 @@ Again, the libxml2 example shows a situation where this is needed.
@end table
@end deftp
+Some search paths are not tied by a single package but to many packages.
+To reduce duplications, some of them are pre-defined in @code{(guix
+search-paths)}.
+
+@defvr {Scheme Variable} $SSL_CERT_DIR
+@defvrx {Scheme Variable} $SSL_CERT_FILE
+These two search paths indicate where X.509 certificates can be found
+(@pxref{X.509 Certificates}).
+@end defvr
+
+These pre-defined search paths can be used as in the following example:
+
+@lisp
+(package
+ (name "curl")
+ ;; some fields omitted ...
+ (native-search-paths (list $SSL_CERT_DIR $SSL_CERT_FILE)))
+@end lisp
+
How do you turn search path specifications on one hand and a bunch of
directories on the other hand in a set of environment variable
definitions? That's the job of @code{evaluate-search-paths}.
diff --git a/guix/search-paths.scm b/guix/search-paths.scm
index 002e6342bb..6b13a98946 100644
--- a/guix/search-paths.scm
+++ b/guix/search-paths.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2022 Maxime Devos <maximedevos@telenet.be>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -32,6 +33,8 @@ (define-module (guix search-paths)
search-path-specification-file-pattern
$PATH
+ $SSL_CERT_DIR
+ $SSL_CERT_FILE
search-path-specification->sexp
sexp->search-path-specification
@@ -70,6 +73,29 @@ (define $PATH
(variable "PATH")
(files '("bin" "sbin"))))
+;; Two variables for certificates (see (guix)X.509 Certificates),
+;; respected by 'openssl', possibly GnuTLS in the future
+;; (https://gitlab.com/gnutls/gnutls/-/merge_requests/1541)
+;; and many of their dependents -- even some GnuTLS depepdents
+;; like Guile. As they are not tied to a single package, define
+;; them here to avoid duplication.
+;;
+;; Additionally, the 'native-search-paths' field is not thunked,
+;; so doing (package-native-search-paths openssl)
+;; could cause import cycle issues.
+(define-public $SSL_CERT_DIR
+ (search-path-specification
+ (variable "SSL_CERT_DIR")
+ (separator #f) ;single entry
+ (files '("etc/ssl/certs"))))
+
+(define-public $SSL_CERT_FILE
+ (search-path-specification
+ (variable "SSL_CERT_FILE")
+ (file-type 'regular)
+ (separator #f) ;single entry
+ (files '("etc/ssl/certs/ca-certificates.crt"))))
+
(define (search-path-specification->sexp spec)
"Return an sexp representing SPEC, a <search-path-specification>. The sexp
corresponds to the arguments expected by `set-path-environment-variable'."
base-commit: 855097683230b756ba28636bed03ce904b6f3589
prerequisite-patch-id: 8c36bd91ff2f97cee25843119fdb12a71b3947bd
prerequisite-patch-id: 3082a0c917de3ca7abf1fc40c2fced691da6d99f
prerequisite-patch-id: ae89e00772cf3737e32b3b7bd191bfbeaaf5d0ed
prerequisite-patch-id: d74573180a62eaa0b6ac57ef46d08409fb5652a8
prerequisite-patch-id: ccb777079d8182a3e44b29cc061f59496ae16188
prerequisite-patch-id: cbb90155003134235f98b750f5e4de2096c9e414
prerequisite-patch-id: ff8b567c0b58018b9c2085a324ce02711eadc77e
prerequisite-patch-id: 6569c696b96227cfb2f056a894d441b99141a571
prerequisite-patch-id: eeb5c4446896b7d5209de79e7b9a2486a9a5dadb
prerequisite-patch-id: 226931bbd40f2e7b43df22ea44783293d663e97a
prerequisite-patch-id: 7b0f5bf490c804d1ce3f3bb0daf45273ce9bae8a
prerequisite-patch-id: 0605551576cb5fbb0215575f8acee2ad91441ec8
prerequisite-patch-id: 851c816dcdc728b085c2cad0f00b140113915af7
prerequisite-patch-id: eca886865831aca6a9803626f60fd37f1f3e1a49
prerequisite-patch-id: 49190c9aa45e582877c7716c59f4f509a4623948
prerequisite-patch-id: f9e4fa15bc34d249aecf318c66cb598762ee5728
prerequisite-patch-id: 69e49a32a11f33c23ccaa1a785c40dfc04068403
prerequisite-patch-id: ec55a066dbaf5790b993edfbead3d27c7817949e
prerequisite-patch-id: 44dedf2945b47ffe0a298b7129e7134567327d2d
prerequisite-patch-id: 441f8c8acc52886c30a2ca167329cf5117b9d024
prerequisite-patch-id: ad05c828905c092a370a7b267c09c4ec2dbc4850
prerequisite-patch-id: 4683b5d9fe136a4f71cf3f8f6fa99363b80aaa64
prerequisite-patch-id: bd6189df0a2a0122a769ba3f849dcd1f047dea14
prerequisite-patch-id: b723e932d080a91ab5d87a92c154e6ede074fe9c
prerequisite-patch-id: cb2dd382af23e9d1d7eb63f55c463ea15ab7fb95
--
2.35.1
next prev parent reply other threads:[~2022-05-07 8:39 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-07 8:35 [bug#55297] [PATCH 0/10] Make adding SSL_CERT_FILE/DIR search paths easier and add some missing ones Maxime Devos
2022-05-07 8:37 ` Maxime Devos [this message]
2022-05-07 8:37 ` [bug#55297] [PATCH 02/10] gnu: openssl: Use $SSL_CERT_DIR/$SSL_CERT_FILE Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 03/10] gnu: cuirass: Use $SSL_CERT_DIR Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 04/10] gnu: cmake-bootstrap: Use $SSL_CERT_DIR/$SSL_CERT_FILE Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 05/10] gnu: curl: " Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 06/10] gnu: guix: Use $SSL_CERT_DIR Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 07/10] gnu: youtube-dl: Add missing $SSL_CERT_DIR/FILE search paths Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 08/10] gnu: youtube-dl-gui: Add search paths of 'youtube-dl' Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 09/10] gnu: youtube-viewer: " Maxime Devos
2022-05-07 8:37 ` [bug#55297] [PATCH 10/10] gnu: w3m: Add $SSL_CERT_DIR/$SSL_CERT_FILE search paths Maxime Devos
2022-05-07 8:48 ` [bug#55297] [PATCH 0/10] Make adding SSL_CERT_FILE/DIR search paths easier and add some missing ones Maxime Devos
2022-05-07 13:38 ` Maxime Devos
2022-05-13 15:32 ` Ludovic Courtès
2022-05-13 15:39 ` Maxime Devos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220507083740.59995-1-maximedevos@telenet.be \
--to=maximedevos@telenet.be \
--cc=55297@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/guix.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.